Technological advances in digital communications have revolutionized telephony by providing alternative means of voice communications than that provided by traditional analog telephone systems. For example, IP (Internet protocol) telephony is a form of telephony which uses the TCP/IP suite of protocols popularized by IP networks such as the Internet to transmit digitized voice data. The routing of voice conversations over the Internet or other IP networks is commonly called voice-over-IP (VoIP). Digital telephony was introduced to improve voice services, but was subsequently found to be very useful in the creation of new network services because of faster data transfer over telephone lines.
Media session protocols such as session initiation protocol (SIP) can be used for creating, modifying, and terminating IP sessions with one or more participants. SIP sessions can include IP telephone calls, multimedia distribution, and multimedia conferences. The SIP protocol solves a need for a signaling and call setup protocol for IP-based communications that supports call processing functions and features present in the public-switched telephone network by using proxy servers and user agents.
However, in such digital systems, authentication is important to prevent unauthorized users from accessing networks and network services. The authentication (or identity verification) of telephone callers and/or caller devices is a general problem for telephony services, automated or not. Since the implementation of ANI (automatic number identification) or the telephone number from which a call originates (commonly referred to as “caller id”) is oftentimes not available, or more importantly, can be spoofed, voice applications and services typically have to implement methods of caller authentication that are both costly to develop and cumbersome to the user. Such methods include interactive dialogs where the user needs to provide a PIN, confidential information, and/or automated speaker verification (a costly technology in itself).
“Single sign-on” is a concept gaining popularity where an authentication module provides access to a multiplicity of services based on a single “sign-on” or authentication process. While this also has the goal of reducing the need to provide credentials to multiple services, it still requires at least one sign-on to take place. Given the ubiquitous nature of mobile devices (e.g., cell phones) and computing devices, vendors could gain a significant commercial advantage by providing a more efficient and effective authentication mechanism.